FreeBSD 9.3-RELEASE Release Notes
The release notes for FreeBSD 9.3-RELEASE contain a summary of the changes made to the FreeBSD base system on the 9.3-STABLE development line. This document lists applicable security advisories that were issued since the last release, as well as significant changes to the FreeBSD kernel and userland. Some brief remarks on upgrading are also presented.
Table of Contents
This document contains the release notes for FreeBSD 9.3-RELEASE. It describes recently added, changed, or deleted features of FreeBSD. It also provides some notes on upgrading from previous versions of FreeBSD.
This distribution of FreeBSD 9.3-RELEASE is a release
distribution. It can be found at
http://www.FreeBSD.org/releases/ or any of its
mirrors. More information on obtaining this (or other) release
distributions of FreeBSD can be found in the "Obtaining
FreeBSD" appendix to the FreeBSD
All users are encouraged to consult the release errata before installing FreeBSD. The errata document is updated with "late-breaking" information discovered late in the release cycle or after the release. Typically, it contains information on known bugs, security advisories, and corrections to documentation. An up-to-date copy of the errata for FreeBSD 9.3-RELEASE can be found on the FreeBSD Web site.
This section describes the most user-visible new or changed features in FreeBSD since 9.2-RELEASE.
Typical release note items document recent security advisories issued after 9.2-RELEASE, new drivers or hardware support, new commands or options, major bug fixes, or contributed software upgrades. They may also list changes to major ports/packages or release engineering practices. Clearly the release notes cannot list every single change made to FreeBSD between releases; this document focuses primarily on security advisories, user-visible changes, and major architectural improvements.
Problems described in the following security advisories have
been fixed. For more information, consult the individual advisories
14 January 2014
Fix bsnmpd(1) remote denial of service vulnerability
14 January 2014
Disable "monitor" feature in ntpd(8) by default
14 January 2014
Remote denial of service vulnerability
8 April 2014
Deadlock in the NFS server
8 April 2014
ECDSA side channel leak
30 April 2014
TCP reassembly vulnerability
26 May 2014
Sendmail improper close-on-exec flag handling
3 June 2014
ktrace(1) kernel memory disclosure
3 June 2014
Incorrect error handling in PAM policy parser
5 June 2014
24 June 2014
8 July 2014
Kernel memory disclosure in control messages and SCTP notifications
The isci(4) driver is now loadable via kldload(8). r256437 (Sponsored by The FreeBSD Foundation)
A kernel panic triggered in
zfs_root() after a
failed rollback has been fixed.
debug.devfs_iosize_max_clamp has been
added which enables and disables
r257125 (Sponsored by The FreeBSD Foundation)
kern.disallow_high_osrel, has been
added which disables executing the images compiled on a userland
with a higher major version number than the major version number of
the running kernel.
r257126 (Sponsored by The FreeBSD Foundation)
A deadlock triggered by powering off a USB device has been fixed. r257373
The ahci(4) driver has been updated to support the PCI-express solid state drive in the Apple® MacBook Air (model A1465). r258217
The mmap(2) system call has been updated to more optimally use superpages and provide support for tweaking the alignment of virtual mappings. r258870
A workaround has been implemented in the bge(4) driver for hung transmission on BCM5719 and BCM5720 chipsets. r258962
A kernel panic when listing sysctls on a system with
INVARIANTS enabled has been fixed.
kern.supported_archs has been added,
which will list the
MACHINE_ARCH values whose binaries
can be run on the system.
Several problems that could trigger kernel panic on kldload(8) and kldunload(8) have been fixed. r259519 (Sponsored by Spectra Logic)
A kernel panic triggered by some multi-threaded applications has been fixed. r260082 (Sponsored by The FreeBSD Foundation)
runfw(4) firmware has been renamed from
run.fw for consistency with other firmware files.
kern.panic_reboot_wait_time, has been
added. This allows tuning the amount of time the system will wait
before rebooting after
defaults to the kernel configuration option,
Hardware Random Number Generators have been disabled by default. r260644
A memory leak of compressed buffers has been fixed in
netmap(4) framework has been updated to match the version in
head/, which includes netmap pipes, kqueue support,
and enhanced VALE switch port.
Support for the ext4 filesystem has been enabled, supporting read-only mounts. r262564
A kernel panic triggered by inserting a USB ethernet device on VIMAGE-enabled systems has been fixed. r262594
TTM, a memory manager used by video drivers, has been merged. r262988 (Sponsored by The FreeBSD Foundation)
/sys/kernel/random/uuid has been added
A memory leak in the
zpool_in_use() function has
zpool(8) feature has been added. See
zpool-features(7) for more information.
A memory leak has been fixed in
vt(4) driver has been merged from
r263817,263818 (Sponsored by The FreeBSD Foundation)
The mpr(4) device has been added, providing support for LSI Fusion-MPT 3 12Gb SCSI/SATA controllers. r265729 (Sponsored by LSI, Spectra Logic)
A kernel bug that inhibited proper functionality of the
sysctl(8) on Intel® processors with Turbo Boost ™ enabled has
Trackpad support for Apple® MacBook products has been added. r261510
The Radeon KMS driver has been added. r263170,263171
The aacraid(4) driver has been updated to version 3.2.5. r263340
Network Interface Support
The re(4) driver has been updated to support the RTL8168G, RTL8168GU and RTL8411B chipsets. r257614,257616
The bge(4) driver has been updated to support the BCM57764, BCM57767, BCM57782, BCM57786 and BCM57787 chipsets. r258967
The usb(4) wireless radiotap headers have been realigned, allowing wireless adapters to work on arm, mips, and other similar platforms where alignment is important. r259460
bxe(4) driver has been merged from
providing support for Broadcom NetXtreme II 10Gb PCIe adapters.
The run(4) driver has been updated to include support for the MediaTek/Ralink RT3593 chipset. r261865
The run(4) driver has been updated to include support for the DLINK DWA-127 wireless adapter. r261933
A new flag
-c, has been added to
pkill(1), which restricts the process lookup to the specified
nmbcluster values to their current value
will now be ignored, instead of failing with an error.
/var/cache directory is now created with mode
0755 instead of mode
0750, since this
directory is used by many third-party applications, which makes
dropping group privileges impossible.
uname(1) utility has been updated to include the
-K flags, which print the
__FreeBSD_version for the running userland and kernel,
The fetch(3) library has been updated to support SNI (Server Name Identification), allowing to use virtual hosts on HTTPS. r258844
A segmentation fault and internal compiler error bug in gcc(1) triggered by throwing a warning before parsing any tokens has been fixed. r259243
Several updates to gcc(1) have been imported from Google. r259269,259406 (Contributed / provided by Google)
A byte-order bug in the Heimdal
function which would prevent interoperability with other Kerberos
implementations has been fixed. In particular, this would prevent
interoperability with the MIT implementation.
The hastctl(8) utility has been updated to output the current queue sizes. r260007
The protect(1) command has been added, which allows exempting processes from being killed when swap is exhausted. r260208
The gmirror(8) utility now prevents deactivating the last component of a mirror. r260507
gmirror destroy, has been
added, which will destroy the
geom(8) and erase the
etcupdate(8) utility, a tool for managing updates to files in
/etc, has been merged from
find(1) utility has been updated to fix incorrect behavior with
hw.uart.console is now always updated when the
comconsole setup changes.
The kldload(8) utility has been updated to display a message directing to dmesg(8), instead of the cryptic message "Exec format error". r260909
A bug that could trigger an infinite loop in KDE and X has been fixed. r261674
The newsyslog(8) utility has been changed to use the size of the file, instead of the blocks the file takes on the disk to match the behavior documented in newsyslog.conf(5). r262076
A bug in zdb(8) which would cause numeric parameters to a flag as being treated as additional flags has been fixed. r262105
pciconf(8) utility now has a
-V flag, which lists
information such as serial numbers for each device.
A bug that would allow creating a zfs(8) snapshot of an inconsistent dataset has been fixed. r262158
zfs(8) dataset with
zfs recv -F now properly
destroys any snapshots that were created since the incremental
Installation from a read-only
.OBJDIR has been
A new shared library directory,
has been added for internal-use shared libraries.
libmap32.conf has been added, for 32-bit
libucl library, a JSON-compatible configuration
file parsing library, has been imported.
pkg(7) package management utility has been syncronized with
head/. This implements binary package signature
verification when bootstrapping the system with
The system timezone data files have been updated to version tzdata2014a. r263042
bmake has been imported for
compatibility with the FreeBSD Ports Collection. It is installed as
bmake, and the
make remains the FreeBSD
Aliases for the
list -t snap and
have been added to match Oracle® Solaris 11.
A new flag,
-p, has been added to the
list command, providing output in a
OpenPAM has been updated to Nummularia (20130907), which incorporates several bug fixes and documentation improvements. The openpam_ttyconv(3) library has been completely rewritten. r263421
sh(1) command interpreter has been updated to expand
readonly differently. As result of this change,
variable assignment such as
local v=$1 will assign the
first positional parameter to
v, even if
$1 contains spaces, and
will expand the tilde (
find(1) utility has been updated to implement
-ignore_readdir_race. Prior to this change,
-ignore_readdir_race existed as an option for GNU
find(1) compatibility, and was ignored if specified. A counter
-noignore_readdir_race now also exists, and
is the default behavior.
ps(1) utility has been updated to include the
flag, used to filter output by matching
ail(8) IDs and names. Additionally, argument
be used to
-J to only list processes running on the
top(1) utility has been updated to filter by
jail(8) ID or name, in followup to the
ps(1) change in
newsyslog.conf(5) now includes files in the
/usr/local/etc/newsyslog.conf.d/ directories by
A new flag, "onifconsole" has been added to
/etc/ttys. This allows the system to provide a login
prompt via serial console if the device is an active kernel
console, otherwise it is equivalent to
The arc4random(3) library has been updated to match that of FreeBSD-CURRENT. r267379
pmcstat(8) utility has been updated to include a new flag,
-l, which ends event collection after the specified
number of seconds.
The FreeBSD Project has migrated from the GNATS bug tracking system to Bugzilla. The send-pr(1) utility used for submitting problem reports has been replaced with a stub shell script that instructs to use the Bugzilla web interface. r267911
periodic(8) script has been refined to catch more
authentication failures and reduce false positives.
Support for "first boot" scripts has been added to rc(8). See rc(8) and rc.conf(5) for implementation details. r256917
rc(8) system will now re-source
rc.conf(5) on receipt of
The readline(3) library has been updated to version 1.104. r255934
Sendmail has been updated to version 8.14.9. r266711
BIND has been updated to version 9.9.5. r262706 (Sponsored by DK Hostmaster A/S)
OpenSSH has been updated to version 6.6p1. r263970
OpenSSL has been updated to version 0.9.8za. r267285
Ports and Packages
Note to FreeBSD desktop users: please read this section carefully, especially before upgrading ports that depend on Xorg.
In April 2014, the FreeBSD Ports collection switched to a newer version of Xorg that supports KMS (Kernel Mode Setting).
Users upgrading from earlier versions of FreeBSD 9.x or FreeBSD 8.x should be aware of several things regarding Xorg:
When applications are built from the FreeBSD Ports Collection or installed from the
new_xorgpkg(8) repository, the newer, KMS-aware version of Xorg is used.
The KMS version of Xorg does not switch back to text mode after leaving the X desktop environment, and the system console will not be visible. The new vt(4) console driver supports graphic consoles and keeps the console visible after X has exited. The vt(4) driver must be compiled into the kernel. A
VTkernel configuration example file is included in 9.3-RELEASE, but is not compiled or enabled by default. See vt(4) and the vt(4) wiki page for additional information.
Packages for KDE4 are not available in the default (
latest) pkg(8) repository, however are available in the
new_xorgrepository. See the announcement email for details on how to use the
The older Xorg that does not support KMS can still be installed from the
latestupstream pkg(8) repository and the packages included on the 9.3-RELEASE DVD.
However, it is important to note that some newer applications require the newer Xorg, and will not work with the old version. The newer [Xorg is recommended, and should be used unless not compatible with legacy graphics cards.
To continue using the old version of Xorg when building from the FreeBSD Ports Collection, set
Release Engineering and Integration
As part of the release build, the etcupdate(8) utility will bootstrap the system, allowing etcupdate(8) to work after the first upgrade of a system. r260891
release.sh script and release
Makefile have been updated to use
pkg(7) to populate the dvd installation medium.
r262879 (Sponsored by The FreeBSD Foundation)
services.mkdb(8) utility has been updated to support multiple
byte orders. Similar to
services.db will be created with
proper endinanness as part of cross-architecture release builds.
Upgrading from Previous Releases of FreeBSD
Upgrading Using freebsd-update(8) or a Source-Based Procedure
[amd64,i386] Binary upgrades between RELEASE versions (and
snapshots of the various security branches) are supported using the
freebsd-update(8) utility. The binary upgrade procedure will
update unmodified userland utilities, as well as an unmodified
GENERIC kernel, distributed as a part of an official
FreeBSD release. The
freebsd-update(8) utility requires that the host being upgraded
have Internet connectivity.
Source-based upgrades (those based on recompiling the FreeBSD
base system from source code) from previous versions are supported
using to the instructions in
For more specific information about upgrading instructions, see FreeBSD 9.3-RELEASE Installation Instructions.
Upgrading FreeBSD should only be attempted after backing up all data and configuration files.
FreeBSD 9.0 and later versions have several configuration incompatibilities with earlier versions of FreeBSD. These differences are best understood before upgrading. Please read this section and the Upgrading Section in 9.0-RELEASE Release Notes carefully before submitting a problem report and/or posting a question to the FreeBSD mailing lists.
Last modified on: June 19, 2021 by Danilo G. Baio